package com.kk.controller;

import cn.hutool.crypto.digest.MD5;
import com.alibaba.fastjson.JSON;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.kk.common.lang.Result;
import com.kk.entity.User;
import com.kk.jwt.JwtTokenUtil;
import com.kk.jwt.JwtUser;
import com.kk.service.UserService;
import org.apache.catalina.security.SecurityUtil;
import org.apache.tomcat.util.security.MD5Encoder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.security.Security;
import java.util.Date;

/**
 * @author : K k
 * @date : 16:51 2020/6/12
 */
@RestController
@CrossOrigin
public class IndexController {

    @Autowired
    private UserService userService;
    @Autowired
    private UserDetailsService userDetailsService;
    @Autowired
    private JwtTokenUtil jwtTokenUtil;

    //register
    @PostMapping("/register")
    //输入账号密码，邮箱
    public Result register(@RequestBody User registerUser, HttpServletResponse response){
        //先查询用户名和邮箱是否被注册
        User user = userService.getOne(new QueryWrapper<User>()
                .eq("username", registerUser.getUsername())
                .eq("status", 0));
        Assert.isNull(user,"用户名已被使用");

       user = userService.getOne(new QueryWrapper<User>()
                .eq("email", registerUser.getEmail())
                .eq("status", 0));
        Assert.isNull(user,"邮箱已被注册");

        //若上述验证都通过 则存入数据库
        String password = registerUser.getPassword();
        password = new BCryptPasswordEncoder().encode(password);
        registerUser.setPassword(password);
        registerUser.setAvatar("https://image-1300566513.cos.ap-guangzhou.myqcloud.com/upload/images/5a9f48118166308daba8b6da7e466aab.jpg")
                .setStatus(0);
        registerUser.setLastLogin(new Date());
        userService.save(registerUser);

        //TODO 需要进行认证吗
        JwtUser jwtUser = (JwtUser) userDetailsService.loadUserByUsername(registerUser.getUsername());
        Authentication authentication=new UsernamePasswordAuthenticationToken(
                jwtUser,jwtUser.getPassword(),jwtUser.getAuthorities());
        SecurityContextHolder.setContext(new SecurityContextImpl(authentication));
        String token = jwtTokenUtil.generateToken(jwtUser);

        response.setHeader("Authorization",token);
        response.setHeader("Access-control-Expose-Headers","Authorization");
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json;charset=UTF-8");
        jwtUser.setPassword("");
        return Result.success(jwtUser);
    }

}
